| Charles Chan | caebcf3 | 2021-09-20 22:17:52 -0700 | [diff] [blame] | 1 | Specification |
| 2 | ============= |
| 3 | |
| Charles Chan | e6bb27a | 2021-10-03 23:26:50 -0700 | [diff] [blame^] | 4 | SDN Features |
| 5 | ############ |
| 6 | - ONOS cluster of all-active N instances affording N-way redundancy and scale, where N = 3 or N = 5 |
| 7 | - Unified operations interface (GUI/REST/CLI) |
| 8 | - Centralized configuration: all configuration is done on the controller instead of each individual switch |
| 9 | - Centralized role-based access control (RBAC) |
| 10 | - Automatic host (end-point) discovery: attached hosts, access-devices, appliances (PNFs), routers, etc. |
| 11 | based on ARP, DHCP, NDP, etc. |
| 12 | - Automatic switch, link and topology discovery and maintenance (keepalives, failure recovery) |
| Charles Chan | caebcf3 | 2021-09-20 22:17:52 -0700 | [diff] [blame] | 13 | |
| Charles Chan | e6bb27a | 2021-10-03 23:26:50 -0700 | [diff] [blame^] | 14 | L2 Features |
| 15 | ########### |
| 16 | Various L2 connectivity and tunneling support |
| 17 | - VLAN-based bridging |
| 18 | |
| 19 | - Access, Trunk and Native VLAN support |
| 20 | - VLAN cross connect |
| 21 | |
| 22 | - Forward traffic based on outer VLAN id |
| 23 | - Forward traffic based on outer and inner VLAN id (QinQ) |
| 24 | - Pseudowire |
| 25 | |
| 26 | - L2 tunneling across the L3 fabric |
| 27 | - Support tunneling based on double tagged and single tagged traffic |
| 28 | |
| 29 | - Support VLAN translation of outer tag |
| 30 | |
| 31 | L3 Features |
| 32 | ########### |
| 33 | IP connectivity |
| 34 | - IPv4 and IPv6 unicast routing (internal use of MPLS Segment Routing) |
| 35 | - Subnetting configuration on all non-spine facing leaf ports; no configuration required on any spine port |
| 36 | - IPv6 router advertisement |
| 37 | - ARP, NDP, IGMP handling |
| 38 | - Number of flows in spines greatly simplified by MPLS Segment Routing |
| 39 | - Further reduction of per-leaf flows with route optimization logic |
| 40 | |
| 41 | DHCP Relay |
| 42 | ########## |
| 43 | DHCP L3 relay |
| 44 | - DHCPv4 and DHCPv6 |
| 45 | - DHCP server either directly attached to fabric leaves, or indirectly connected via upstream router |
| 46 | - DHCP client directly either attached to fabric leaves, or indirectly connected via LDRA |
| 47 | - Multiple DHCP servers for HA |
| 48 | |
| 49 | vRouter |
| 50 | ####### |
| 51 | vRouter presents the entire SD-Fabric as a single router (or dual-routers for HA), with disaggregated control/data plane |
| 52 | - Uses open-source protocol implementations like Quagga (or FRR) |
| 53 | - BGPv4 and BGPv6 |
| 54 | - Static routes |
| 55 | - Route blackholing |
| 56 | - ACLs based on port, L2, L3 and L4 headers |
| 57 | |
| 58 | Multicast |
| 59 | ######### |
| 60 | Centralized multicast tree computation, programming and management |
| 61 | - Support both IPv4 and IPv6 multicast |
| 62 | - Dual-homed multicast sinks for HA |
| 63 | - Multiple multicast sources for HA |
| 64 | |
| 65 | API |
| 66 | ### |
| 67 | - Provide easy access for 3rd party edge application developers and for the Aether centralized management platform |
| 68 | - Support for traffic redirecting, dropping, network slicing and QoS |
| 69 | |
| 70 | Programmability |
| 71 | ############### |
| 72 | - Support for Stratum, P4Runtime and gNMI and P4 programs |
| 73 | - Innovative services enabled by programmable pipeline |
| 74 | - 4G/5G UPF - GTP encap/decap, idle-mode buffering, QoS and more |
| 75 | - BNG - PPPoE, anti-spoofing, accounting and more |
| 76 | |
| 77 | Troubleshooting & Diagnostics |
| 78 | ############################# |
| 79 | - T3: Troubleshooting tool to diagnose broken forwarding paths fabric wide |
| 80 | - ONOS-diags: One-click Diagnostics collection tool |
| 81 | |
| 82 | Topology |
| 83 | ######## |
| 84 | SD-Fabric can start at the smallest scale (single leaf) and grow horizontally. |
| 85 | |
| 86 | Single Leaf (ToR) |
| 87 | ***************** |
| 88 | This is the minimum SD-Fabric setup. In this setup, all servers are connected to a single switch. |
| 89 | |
| 90 | .. image:: images/topology-single.png |
| 91 | |
| 92 | Paired Leaf (Dual-Homing) |
| 93 | ************************* |
| 94 | Compared to single switch, it provides more redundancy in terms of server NIC failure and link failure. |
| 95 | |
| 96 | .. image:: images/topology-pair.png |
| 97 | |
| 98 | Leaf-Spine (without pairing) |
| 99 | **************************** |
| 100 | Compared to single switch, it offers more redundancy in terms of switch failure and provides better scalability. |
| 101 | |
| 102 | .. image:: images/topology-2x2.png |
| 103 | |
| 104 | Leaf-Spine (with pairing) |
| 105 | ************************* |
| 106 | It supports all the redundancy and scalability features mentioned above. |
| 107 | |
| 108 | .. image:: images/topology-2x4.png |
| 109 | |
| 110 | Multi-Stage Leaf-Spine |
| 111 | ********************** |
| 112 | Multi-stage is specifically designed for telco service providers. |
| 113 | The first stage can be installed in the central office, |
| 114 | while the second stage can be installed in a field office that is closer to the subscribers. |
| 115 | Two stages are typically connected via long distance optical transport. |
| 116 | |
| 117 | .. image:: images/topology-full.png |
| 118 | |
| 119 | Resiliency |
| 120 | ########## |
| 121 | Provides HA in following scenarios |
| 122 | - Controller instance failure (requires 3 or 5 node ONOS cluster) |
| 123 | - Link failures |
| 124 | - Spine failure |
| 125 | Further HA support in following failure scenarios with dual-homing enabled |
| 126 | - Leaf failure |
| 127 | - Upstream router failure |
| 128 | - Host NIC failure |
| 129 | |
| 130 | Scalability |
| 131 | ########### |
| 132 | In Production |
| 133 | - Up to 80k routes (with route optimization) |
| 134 | - 170k Flows |
| 135 | - 600 direct-attached hosts |
| 136 | - 8 leaf switches |
| 137 | - 2 spine switches |
| 138 | |
| 139 | In Pre-Production |
| 140 | - Up to 120k routes (with route optimization) |
| 141 | - 250k flows |
| 142 | - 600 direct-attached hosts |
| 143 | - 8 leaf switches |
| 144 | - 2 spine switches |
| 145 | - 5000 active UEs, 10 call per second |
| 146 | |
| 147 | Security |
| 148 | ######## |
| 149 | - TLS-secured connection between controllers and switches (premium feature) |
| 150 | - AAA 802.1x authentication |
| 151 | |
| 152 | Aether-ready |
| 153 | ############ |
| 154 | Fully integrated with Aether (5G/LTE private enterprise edge cloud solution) |
| 155 | including deployment automation, CI/CD, logging, monitoring, and alerting. |
| 156 | |
| 157 | Overlay Support |
| 158 | ############### |
| 159 | Can be used/integrated with 3rd party overlay networks (e.g., OpenStack Neutron, Kubernetes CNI). |
| 160 | |
| 161 | Orchestrator Support |
| 162 | #################### |
| 163 | Can be integrated with an external orchestrator, optionally running from the public cloud |
| 164 | Supports logging, telemetry, monitoring and alarm services via |
| 165 | REST APIs and Elastic/Fluentbit/Kibana, Prometheus/Grafana |
| 166 | |
| 167 | Controller Server Specs |
| 168 | ####################### |
| 169 | Recommendation (per ONOS instance) based on 50K routes |
| 170 | - CPU: 32 Cores |
| 171 | - RAM: 128GB RAM. 64GB dedicated to ONOS JVM heap |
| 172 | |
| 173 | White Box Switch Hardware |
| 174 | ######################### |
| 175 | - Multi-vendor: APS Networks™, Dell™, Delta Networks™, Edgecore Networks™, Inventec™, Netburg™, QCT™ |
| 176 | - Multi-chipset: |
| 177 | - Intel Tofino (supports all features, including programmability, UPF & INT) |
| 178 | - Broadcom Tomahawk®, Tomahawk+®, Trident2 (traditional fabric features only) |
| 179 | - 1/10G, 25G, 40G, 100G |
| 180 | - Refer to Supported Devices list in https://github.com/stratum/stratum for the most up-to-date hardware list |
| 181 | |
| 182 | White Box Switch Software |
| 183 | ######################### |
| 184 | - Open source ONL, ONIE, Docker, Kubernetes |
| 185 | - Stratum available from ONF |
| 186 | |